<?php
require("../config.php");
$conn = mysqli_connect($host, $user, $password, $dbname);
require("../function.php");
$config = $bluestar->get_config($conn);
$admin_url = $config["admin_url"];
$login_html = <<<_
<html lang="zh-CN">

<head>
    <meta charset="UTF-8">
    <title>BlueStarNet 管理面板</title>
    <script src="../file/js/jQuery.min.js"></script>
    <style>
        #login {
            width: 400px;
            margin: 100px auto;
            background-color: #fff;
            border-radius: 10px;
            padding: 30px;
            box-shadow: 0 0 10px rgba(0, 0, 0, 0.3);
        }

        input {
            display: block;
            width: 100%;
            margin-bottom: 20px;
            padding: 10px;
            font-size: 16px;
            border: none;
            border-radius: 5px;
            box-shadow: 0 0 5px rgba(0, 0, 0, 0.1);
        }

        #button {
            display: block;
            width: 100%;
            padding: 12px;
            border: none;
            border-radius: 5px;
            background-color: #4CAF50;
            color: #fff;
            font-size: 16px;
            cursor: pointer;
            transition: background-color 0.3s ease-in-out;
        }

        #button:hover {
            background-color: #3E8E41;
        }
    </style>
</head>

<body>
    <script>
        function install() {
            $.post({
                url: "/$admin_url/index.php",
                data: {
                    login: $("#password").val(),
                },
                success: function(data) {
                    if (typeof data === "string") {
                        data = JSON.parse(data);
                    };
                    if (data.code == 200) {
                        location.reload();
                    } else {
                        alert("Wrong password.");
                    }
                }
            });
        }
    </script>
    <div id="login">
        <h1>Login</h1>
        <label for="password">Password：</label>
        <input type="password" name="password" id="password" required>
        <button id="button" onclick="install()">Submit</button>
    </div>
</body>

</html>
_;

if (isset($_REQUEST["type"]) and isset($_REQUEST["target"])) {
    if (!isset($_COOKIE["admin_token"])) {
        die(json_encode(array("code" => 401, "info" => "unauthorized")));
    } else {
        if ($_COOKIE["admin_token"] !== md5($config["admin"])) {
            die(json_encode(array("code" => 401, "info" => "unauthorized")));
        }
    }
}
if (isset($_REQUEST["login"])) {
    if ($_REQUEST["login"] == $config["admin"]) {
        setcookie("admin_token", md5($config["admin"]), time() + 60 * 60 * 24);
        die(json_encode(array("code" => 200, "info" => "Login success.")));
    } else {
        die(json_encode(array("code" => 401, "info" => "Wrong password.")));
    }
}
if (!isset($_COOKIE["admin_token"])) {
    die($login_html);
} else {
    if ($_COOKIE["admin_token"] !== md5($config["admin"])) {
        die($login_html);
    }
}
if (isset($_REQUEST["type"]) and isset($_REQUEST["target"])) {
    if ($_REQUEST["type"] == 'func') {
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $return = null;
            switch ($_REQUEST["target"]) {
                case "time":
                    $return = time();
                    break;
                case "php_version":
                    $return = phpversion();
                    break;
                    /* GET */
                case "get_all_user":
                    $user = array();
                    $select = mysqli_query($conn, "SELECT * FROM `blue_user`");
                    while ($row = mysqli_fetch_assoc($select)) {
                        $user[$row["id"]] = $row;
                    }
                    $return =  $user;
                    break;
                case "get_all_email_code":
                    $user = array();
                    $select = mysqli_query($conn, "SELECT * FROM `blue_code`");
                    while ($row = mysqli_fetch_assoc($select)) {
                        $user[$row["email"]] = $row;
                    }
                    $return =  $user;
                    break;
                case "get_config":
                    $return = $bluestar->get_config($conn);
                    break;
                case "get_product_card":
                    $return = $bluestar->get_product_card($conn);
                    break;
                case "get_product":
                    $return = $bluestar->get_product($conn);
                    break;
                case "get_nav":
                    $nav = array();
                    $select = mysqli_query($conn, "SELECT * FROM `blue_nav`");
                    while ($row = mysqli_fetch_assoc($select)) {
                        $nav[$row["name"]] = array("name" => $row["name"], "url" => $row["url"], "id" => $row["id"]);
                    }
                    $return =  $nav;
                    break;
                case "get_friend_url":
                    $nav = array();
                    $select = mysqli_query($conn, "SELECT * FROM `blue_friendurl`");
                    while ($row = mysqli_fetch_assoc($select)) {
                        $nav[$row["name"]] = array("name" => $row["name"], "url" => $row["url"], "about" => $row["about"], "img" => $row["image"], "status" => $row["status"], "id" => $row["id"]);
                    }
                    $return =  $nav;
                    break;
                case "get_product_from":
                    $return = $bluestar->get_product_from($conn);
                    break;
                case "get_team_members":
                    $return = $bluestar->get_team_members($conn);
                    break;
                    /* CONFIG */
                case "set_config_about":
                    $p = $_POST["value"];
                    $select = mysqli_query($conn, "UPDATE blue_config SET value='$p' WHERE name='about'");
                    $return = "success";
                    break;
                case "set_config_websitename":
                    $p = $_POST["value"];
                    $select = mysqli_query($conn, "UPDATE blue_config SET value='$p' WHERE name='websitename'");
                    $return = "success";
                    break;
                case "set_smtp":
                    $p1 = $_POST["email"];
                    $p2 = $_POST["host"];
                    $p3 = $_POST["password"];
                    $p4 = $_POST["port"];
                    $select1 = mysqli_query($conn, "UPDATE blue_config SET value='$p1' WHERE name='smtp_email'");
                    $select2 = mysqli_query($conn, "UPDATE blue_config SET value='$p2' WHERE name='smtp_host'");
                    $select3 = mysqli_query($conn, "UPDATE blue_config SET value='$p3' WHERE name='smtp_password'");
                    $select4 = mysqli_query($conn, "UPDATE blue_config SET value='$p4' WHERE name='smtp_port'");
                    $return = "success";
                    break;
                    /* NAV */
                case "add_nav":
                    $n = $_POST["name"];
                    $u = $_POST["url"];
                    $select = mysqli_query($conn, "INSERT INTO blue_nav (`name`, `url`) VALUES ('$n', '$u')");
                    $return = "success";
                    break;
                case "delete_nav":
                    $i = $_POST["id"];
                    $select = mysqli_query($conn, "DELETE FROM blue_nav WHERE `id`='$i'");
                    $return = "success";
                    break;
                case "change_nav":
                    $i = $_POST["id"];
                    $n = $_POST["name"];
                    $u = $_POST["url"];
                    $select = mysqli_query($conn, "UPDATE blue_nav SET `name`='$n', `url`='$u' WHERE `id`='$i'");
                    $return = "success";
                    break;
                    /* FRIEND_URL */
                case "add_friend_url":
                    $n = $_POST["name"];
                    $u = $_POST["url"];
                    $a  = $_POST["about"];
                    $im = $_POST["img"];
                    $s = $_POST["show"];
                    $select = mysqli_query($conn, "INSERT INTO blue_friendurl (`name`, `url`, `about`, `image`, `status`) VALUES ('$n', '$u', '$a', '$im', $s)");
                    $return = "success";
                    break;
                case "delete_friend_url":
                    $i = $_POST["id"];
                    $select = mysqli_query($conn, "DELETE FROM blue_friendurl WHERE `id`='$i'");
                    $return = "success";
                    break;
                case "change_friend_url":
                    $i = $_POST["id"];
                    $n = $_POST["name"];
                    $u = $_POST["url"];
                    $a  = $_POST["about"];
                    $im = $_POST["img"];
                    $s = $_POST["show"];
                    $select = mysqli_query($conn, "UPDATE blue_friendurl SET `name`='$n', `url`='$u', `about`='$a', `image`='$im', `status`=$s WHERE `id`='$i'");
                    $return = "success";
                    break;
                    /* EMAIL_CODE */
                case "delete_email_code":
                    $i = $_POST["email"];
                    $select = mysqli_query($conn, "DELETE FROM blue_code WHERE `email`='$i'");
                    $return = "success";
                    break;
                    /* USER */
                case "delete_user":
                    $i = $_POST["id"];
                    $select = mysqli_query($conn, "DELETE FROM blue_user WHERE `id`='$i'");
                    $return = "success";
                    break;
                case "change_user":
                    $i = $_POST["id"];
                    $e = $_POST["email"];
                    $r = $_POST["risk"];
                    $m = $_POST["money"];
                    $select = mysqli_query($conn, "UPDATE blue_user SET `email`='$e', `risk`=$r, `money`=$m WHERE `id`='$i'");
                    $return = "success";
                    break;
                    /* OTHER */
                case "get_post":
                    $return = array("post" => $_POST, "get" => $_GET, "r" => $_REQUEST);
                    break;
                case "change_password":
                    $p = $_POST["old"];
                    $n = $_POST["new"];
                    $c = $bluestar->get_config($conn);
                    if ($c["admin"] === $p) {
                        $select = mysqli_query($conn, "UPDATE blue_config SET value='$n' WHERE name='admin'");
                        $return = "success";
                    } else {
                        die(json_encode(array("code" => 401, "info" => "Wrong password.")));
                    }
                    break;
                case "exit":
                    setcookie("admin_token", "0");
                    break;
            }
            die(json_encode(array("code" => 200, "data" => $return)));
        } else {
            die(json_encode(array("code" => 405)));
        }
    }
}


echo "<!DOCTYPE html>";

?>

<html>

<head>
    <title>BlueStarNet 管理面板</title>
    <link rel="stylesheet" href="../file/css/mdui.min.css">
</head>

<body class="mdui-theme-primary-indigo mdui-theme-accent-blue mdui-appbar-with-toolbar mdui-drawer-body-left" style="overflow:hidden">
    <div class="mdui-appbar mdui-appbar-fixed">
        <div class="mdui-toolbar mdui-color-theme ">
            <button class="mdui-btn mdui-btn-icon" mdui-drawer="{target: '#drawer'}">
                <i class="mdui-icon material-icons">menu</i>
            </button>
            <span class="mdui-typo-title">BlueStarNet 管理面板</span>
            <div class="mdui-toolbar-spacer"></div>
            <button class="mdui-btn mdui-btn-icon">
                <i class="mdui-icon material-icons">refresh</i>
            </button>
            <button class="mdui-btn mdui-btn-icon">
                <i class="mdui-icon material-icons">more_vert</i>
            </button>
        </div>
    </div>
    <div class="mdui-drawer" id="drawer">
        <ul class="mdui-list">
            <li class="mdui-subheader">官网</li>
            <a class="mdui-list-item mdui-ripple" href="#cfg">
                <i class="mdui-list-item-icon mdui-icon material-icons">web</i>
                <div class="mdui-list-item-content">官网信息</div>
            </a>
            <a class="mdui-list-item mdui-ripple" href="#smtp">
                <i class="mdui-list-item-icon mdui-icon material-icons">email</i>
                <div class="mdui-list-item-content">SMTP信息</div>
            </a>
            <a class="mdui-list-item mdui-ripple" href="#nav">
                <i class="mdui-list-item-icon mdui-icon material-icons">navigation</i>
                <div class="mdui-list-item-content">导航栏管理</div>
            </a>
            <a class="mdui-list-item mdui-ripple" href="#friend">
                <i class="mdui-list-item-icon mdui-icon material-icons">link</i>
                <div class="mdui-list-item-content">友链管理</div>
            </a>
            <li class="mdui-subheader">用户</li>
            <a class="mdui-list-item mdui-ripple" href="#user">
                <i class="mdui-list-item-icon mdui-icon material-icons">group</i>
                <div class="mdui-list-item-content">用户管理</div>
            </a>
            <a class="mdui-list-item mdui-ripple" href="#code">
                <i class="mdui-list-item-icon mdui-icon material-icons">email</i>
                <div class="mdui-list-item-content">邮箱验证码</div>
            </a>
            <a class="mdui-list-item mdui-ripple" href="#feedback">
                <i class="mdui-list-item-icon mdui-icon material-icons">feedback</i>
                <div class="mdui-list-item-content">表单管理</div>
            </a>
            <li class="mdui-subheader">产品</li>
            <a class="mdui-list-item mdui-ripple" href="#product">
                <i class="mdui-list-item-icon mdui-icon material-icons">format_list_bulleted</i>
                <div class="mdui-list-item-content">产品管理</div>
            </a>
            <a class="mdui-list-item mdui-ripple" href="#product_from">
                <i class="mdui-list-item-icon mdui-icon material-icons">class</i>
                <div class="mdui-list-item-content">产品分类管理</div>
            </a>
            <a class="mdui-list-item mdui-ripple" href="#developer">
                <i class="mdui-list-item-icon mdui-icon material-icons">group</i>
                <div class="mdui-list-item-content">团队开发人员管理</div>
            </a>
            <li class="mdui-subheader">虚拟主机</li>
            <a class="mdui-list-item mdui-ripple" href="#host">
                <i class="mdui-list-item-icon mdui-icon material-icons">computer</i>
                <div class="mdui-list-item-content">虚拟主机母鸡配置</div>
            </a>
            <li class="mdui-subheader">管理面板</li>
            <a class="mdui-list-item mdui-ripple" href="#change_password">
                <i class="mdui-list-item-icon mdui-icon material-icons">code</i>
                <div class="mdui-list-item-content">更改密码</div>
            </a>
            <a class="mdui-list-item mdui-ripple" href="#exit_admin">
                <i class="mdui-list-item-icon mdui-icon material-icons">exit_to_app</i>
                <div class="mdui-list-item-content">退出面板</div>
            </a>
        </ul>
    </div>
    <div id="app"></div>
    <script>
        ! function() {
            var a = document.createElement("iframe");
            a.style.cssText = "margin:0;border:none;width:100%;";
            setInterval(() => {
                a.style.height = (window.innerHeight - document.querySelector(".mdui-toolbar").offsetHeight) + "px";
            }, 16);
            a.addEventListener("load", function(event) {
                if (!location.hash || location.hash === "#") {
                    a.contentDocument.write("<h2>欢迎来到 BlueStarNet 管理面板</h2>");
                } else {
                    a.contentDocument.body.classList.add("mdui-theme-accent-blue");
                }
            });
            document.querySelector("#app").append(a);
            var temp = 0;
            document.querySelectorAll("a").forEach(e => {
                e.onclick = function() {
                    if (a.contentWindow.has_change) {
                        mdui.confirm("你当前有未保存的更改，确认要切换吗？", null, function() {
                            a.contentWindow.has_change = null;
                            e.click();
                        })
                        return false;
                    }
                };
            });
            setInterval(() => {
                if (temp !== location.hash) {
                    temp = location.hash;
                    document.querySelectorAll(".mdui-list-item").forEach(e => {
                        if (e.getAttribute("href") == location.hash) {
                            e.classList.add("mdui-list-item-active")
                        } else {
                            e.classList.remove("mdui-list-item-active")
                        }
                    });
                    a.src = "./src/" + location.hash.slice(1) + ".php";
                };
            });
            window.writeHtml = function(html, callback) {
                var x = mdui.$(html);
                x.appendTo(document.body);
                callback({
                    w: window,
                    jq: x
                });
            };
        }();
    </script>
    <script src="../file/js/mdui.min.js"></script>
</body>

</html>